URL format

{group} is the API group. All currently existing Sensu API endpoints are of group core.

{version} is the API version: v2.

{namespace} is the namespace name. The examples in these API docs use the default namespace. The Sensu API requires that the authenticated user have the correct access permissions for the namespace specified in the URL. If the authenticated user has the correct cluster-wide permissions, you can leave out the /namespaces/{namespace} portion of the URL to access Sensu resources across namespaces. See the RBAC reference for more information about configuring Sensu users and access controls.

Data format

The API uses JSON formatted requests and responses.
In terms of sensuctl output types, the Sensu API uses the json format, not wrapped-json.

Versioning

The Sensu Go API is versioned according to the format v{majorVersion}{stabilityLevel}{iterationNumber}, in which v2 is stable version 2.
The Sensu API guarantees backward compatibility for stable versions of the API.

Sensu makes no guarantee that an alpha or beta API will be maintained for any period of time.
Alpha versions should be considered under active development and may not be published for every release.
Beta APIs, while more stable than alpha versions, offer similarly short-lived lifespans and also provide no guarantee of programmatic conversions when the API is updated.

Access control

With the exception of the health and metrics APIs, the Sensu API requires authentication using a JWT access token.
You can generate access tokens and refresh tokens using the authentication API and your Sensu username and password.
These docs use $SENSU_TOKEN to represent a valid access token in API requests.

Authentication quick start

To set up a local API testing environment, save your Sensu credentials and token as environment variables:

Access tokens last for around 15 minutes.
When your token expires, you should see a 401 Unauthorized response from the API.
To generate a new access token, use the /auth/token API endpoint, including the expired access token in the authorization header and the refresh token in the request body:

Generating an API token using sensuctl

You can also generate an API access token using the sensuctl command-line tool.
The user credentials that you use to log in to sensuctl determine your permissions to get, list, create, update, and delete resources using the Sensu API.

Access tokens last for around 15 minutes.
If your token expires, you should see a 401 Unauthorized response from the API.
To regenerate a valid access token, first run any sensuctl command (like sensuctl event list) then repeat step 2.

Pagination

The Sensu API supports response pagination for all GET endpoints that return an array.
You can request a paginated response using the limit and continue query parameters.

For example, the following request limits the response to a maximum of two objects.

The response includes the available objects up to the specified limit and, if there are more objects available, a continue token.
For example, the following response indicates that there are more than two namespaces available and provides a continue token to request the next page of objects.

If the request does not return a continue token, there are no further objects to return.
For example, the following response indicates that there is only one additional namespace available.

HTTP/1.1 200 OK
Content-Type: application/json
[{"name": "ops"}]

Filtering

LICENSED TIER: Unlock API filtering in Sensu Go with a Sensu license. To activate your license, see the getting started guide.

The Sensu API supports filtering for all GET endpoints that return an array. You can filter resources based on their labels with a label selector using the labelSelector query parameter and on certain pre-determined fields with a field selector using the fieldSelector query parameter.

For example, the following request filters the response to only include resources that have a label entry region with the value us-west-1. We will use the flag --data-urlencode in curl so it encodes the query parameter for us, in conjunction with the -G flag so it appends the data to the URL.

Combining selectors and statements

A field or label selector can be made of multiple statements which are separated with the logical operator && (AND). For example, the following curl request looks up checks that are configured to be published and have the slack handler:

Request size

API request bodies are limited to 0.512 MB in size.

About Sensu

The Sensu monitoring event pipeline empowers businesses to automate their monitoring workflows and gain deep visibility into their multi-cloud infrastructure, from Kubernetes to bare metal. Companies like Sony, Box.com, and Activision rely on Sensu to help deliver value faster, at scale.